137 Security Blogs

Last Updated: 02 Jul 25 01:27 UTC

Blog List | Github | OPML

2025-07-02

Dark Reading
Silver Fox Suspected in Taiwanese Campaign Using DeepSeek Lure


2025-07-01

Cloudflare
Content Independence Day: no AI crawl without compensation!

Cloudflare
The crawl before the fall… of referrals: understanding AI’s impact on content providers

Cloudflare
Control content use for AI training with Cloudflare’s managed robots.txt and blocking for monetized content

Cloudflare
Introducing pay per crawl: enabling content owners to charge AI crawlers for access

Cloudflare
From Googlebot to GPTBot: who’s crawling your site in 2025

Cloudflare
Message Signatures are now part of our Verified Bots Program, simplifying bot authentication

Fastly
How to Control and Monetize AI Bot Traffic Using Fastly and TollBit

Amazon Security
Remote access to AWS: A guide for hybrid workforces

Schneier on Security
Iranian Blackout Affected Misinformation Campaigns

Eclypsium
BTS #52 - Securing the Future of AI Infrastructure

Praetorian
GitPhish: Automating Enterprise GitHub Device Code Phishing

Malwarebytes
Update your Chrome to fix new actively exploited zero-day vulnerability

Malwarebytes
Bluetooth vulnerability in audio devices can be exploited to spy on users

Malwarebytes
Facebook wants to look at your entire camera roll for “AI restyling” suggestions, and more

Datadog HQ
Unify APM and RUM data for full-stack visibility

Datadog HQ
Why GovRAMP-authorized observability matters for state, local, and education IT teams

Dark Reading
Like SEO, LLMs May Soon Fall Prey to Phishing Scams

Dark Reading
LevelBlue Acquires Trustwave, Forms World's Largest Independent MSSP

Dark Reading
Scope, Scale of Spurious North Korean IT Workers Emerges

Dark Reading
Ransomware Reshaped How Cyber Insurers Perform Security Assessments

Dark Reading
We've All Been Wrong: Phishing Training Doesn't Work

Dark Reading
DoJ Disrupts North Korean IT Worker Scheme Across Multiple US States

Dark Reading
Chrome Zero-Day, 'FoxyWallet' Firefox Attacks Threaten Browsers

Dark Reading
How Businesses Can Align Cyber Defenses With Real Threats

White Knight Labs
Understanding Out-Of-Bounds in Windows Kernel Driver

Google Safety & Security
We are announcing Sparkasse as our first national credential partner for EU age assurance.

Github Security Blog
Understand your software’s supply chain with GitHub’s dependency graph

Leviathan Security
Integrating Security Metrics into Quality Models: A DORA-Aligned Strategy

Meta Security
An inside look at Meta’s transition from C to Rust on mobile

Binarly
Check Your BMC Firmware Twice

Ars Technica Security
US critical infrastructure exposed as feds warn of possible attacks from Iran

Searchlight Cyber Research
How we got persistent XSS on every AEM cloud site, thrice

Microsoft Security
Planning your move to Microsoft Defender portal for all Microsoft Sentinel customers

TrustedSec
Abusing Chrome Remote Desktop on Red Team Operations: A Practical Guide

ReversingLabs
Europe's EUVD could shake up the vulnerability database ecosystem


2025-06-30

Fastly
Can We Make AI Green? Big AI Sustainability Questions, Answered by Fastly’s Co-Founder

Amazon Security
AWS Certificate Manager now supports exporting public certificates

Schneier on Security
How Cybersecurity Fears Affect Confidence in Voting Systems

Malwarebytes
Corpse-eating selfies, and other ways to trick scammers (Lock and Code S06E14)

Malwarebytes
AT&T to pay compensation to data breach victims. Here’s how to check if you were affected

Malwarebytes
Android threats rise sharply, with mobile malware jumping by 151% since start of year

Malwarebytes
A week in security (June 23 – June 29)

Datadog HQ
How we've created a successful FinOps practice at Datadog

Dark Reading
Scattered Spider Hacking Spree Continues With Airline Sector Attacks

Dark Reading
Hired Hacker Assists Drug Cartel in Finding, Killing FBI Sources

Dark Reading
Chinese Company Hikvision Banned By Canadian Government

Dark Reading
Rethinking Cyber-Risk as Traditional Models Fall Short

Dark Reading
Airoha Chip Vulns Put Sony, Bose Earbuds & Headphones at Risk

Dark Reading
AI-Themed SEO Poisoning Attacks Spread Info, Crypto Stealers

Dark Reading
Why Cybersecurity Should Come Before AI in Schools

Snyk
Fixing Fix Fatigue: Building Developer Trust for Secure AI Code

Meta Security
Meta joins Kotlin Foundation

Ars Technica Security
Drug cartel hacked FBI official’s phone to track and kill informants, report says

Krebs on Security
Senator Chides FBI for Weak Advice on Mobile Security

Mend
Best Software Composition Analysis (SCA) Tools: Top 6 Solutions in 2025

Microsoft Security
Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizations


2025-06-28

OWASP
InfoSecMap x OWASP Collaboration

Mend
Best Application Security Testing Tools: Top 10 Tools in 2025

Retooling_
My Emulation Goes to the Moon... Until False Flag


2025-06-27

SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 26

Cloudflare
Celebrate Micro-Small, and Medium-sized Enterprises Day with Cloudflare

Schneier on Security
Friday Squid Blogging: What to Do When You Find a Squid “Egg Mop”

Schneier on Security
The Age of Integrity

Auth0
B2B SaaS Identity Challenges: Enterprise Integration and Security

Eclypsium
Ars Technica: Actively exploited vulnerability gives extraordinary control over server fleets

Eclypsium
SC Media: Attacks leveraging maximum severity AMI MegaRAC vulnerability underway

Eclypsium
The Hacker News: CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

Eclypsium
Hackaday: This Week In Security: MegaOWNed, Store Danger, And FileFix

SpiderLabs
Tracing Blind Eagle to Proton66

Malwarebytes
Fake DocuSign email hides tricky phishing attempt

Datadog HQ
Route your monitor alerts with Datadog monitor notification rules

Dark Reading
Top Apple, Google VPN Apps May Help China Spy on Users

Dark Reading
'CitrixBleed 2' Shows Signs of Active Exploitation

Dark Reading
Scattered Spider Taps CFO Credentials in 'Scorched Earth' Attack

Dark Reading
Hackers Make Hay? Smart Tractors Vulnerable to Full Takeover

Dark Reading
Vulnerability Debt: How Do You Put a Price on What to Fix?

Dark Reading
US Falling Behind China in Exploit Production

Dark Reading
'Cyber Fattah' Hacktivist Group Leaks Saudi Games Data

Github Security Blog
GitHub Advisory Database by the numbers: Known security vulnerabilities and what you can do about them

Ars Technica Security
Microsoft changes Windows in attempt to prevent next CrowdStrike-style catastrophe

Searchlight Cyber
Scattered Spider Shifts Focus to Insurance Industry

Mend
Best SAST Solutions: How to Choose Between the Top 11 Tools in 2025

Microsoft Security
Unveiling RIFT: Enhancing Rust malware analysis through pattern matching


2025-06-26

Cloudflare
Russian Internet users are unable to access the open Internet

Cloudflare
Orange Me2eets: We made an end-to-end encrypted video calling app and it was easy

Fastly
Getting Started with TypeScript on Fastly Compute

Fastly
AI Energy Pulse Check 2025: Insights from Nearly 500 Experts

Schneier on Security
White House Bans WhatsApp

Hunt and Hackett
Rising Cyber Tensions: NoName057(16)’s hacktivist activities reach the Netherlands

Auth0
Zero Trust Begins with Zero Shared Secrets

Eclypsium
A Historic First: BMC Vulnerability CVE-2024-54085 Joins CISA's Most Critical List

Eclypsium
BleepingComputer: CISA: AMI MegaRAC bug enabling server hijacks exploited in attacks

Eclypsium
Network World: AMI MegaRAC authentication bypass flaw is being exploitated, CISA warns

Talos Intelligence
Getting a career in cybersecurity isn’t easy, but this can help

Talos Intelligence
Decrement by one to rule them all: AsIO3.sys driver exploitation

Offensive Security
CVE-2024-39914 – Unauthenticated Command Injection in FOG Project’s export.php

Malwarebytes
Jailbroken AIs are helping cybercriminals to hone their craft

Malwarebytes
Why the Do Not Call Registry doesn’t work

Datadog HQ
Improve SLO accuracy and performance with Datadog Synthetic Monitoring

Dark Reading
'IntelBroker' Suspect Arrested, Charged in High-Profile Breaches

Dark Reading
How Geopolitical Tensions Are Shaping Cyber Warfare

Dark Reading
Charming Kitten APT Tries Spying on Israeli Cybersecurity Experts

Ars Technica Security
Actively exploited vulnerability gives extraordinary control over server fleets

Compass Security Blog
Pwn2Own Ireland 2024 – Ubiquiti AI Bullet

Palo Alto Networks
Global Reach — The New Scale of Chinese Cyberthreats

Mend
Securing AI code at the source: Mend.io now integrates with Cursor AI Code Editor

Microsoft Security
Building security that lasts: Microsoft’s journey towards durability at scale ​​

ReversingLabs
SAFE and Trusted: Why the Spectra Assure Community Badge Belongs on Your Open Source Project


2025-06-25

Cloudflare
Building agents with OpenAI and Cloudflare’s Agents SDK

Schneier on Security
What LLMs Know About Their Users

Auth0
Model Context Protocol (MCP) Spec Updates from June 2025: One Small Step for a Spec, One Giant Leap for Security

Talos Intelligence
Cybercriminal abuse of large language models

SpiderLabs
Trustwave SpiderLabs’ 2025 Risk Radar Report: Technology Sector

Malwarebytes
Facial recognition: Where and how you can opt out

Malwarebytes
Many data brokers are failing to register with state consumer protection agencies

Malwarebytes
Sextortion email scammers increase their “Hello pervert” money demands

Dark Reading
Cloud Repatriation Driven by AI, Cost, and Security

Dark Reading
And Now Malware That Tells AI to Ignore It?

Dark Reading
Taming Agentic AI Risks Requires Securing Non-Human Identities

Dark Reading
Millions of Brother Printers Hit by Critical, Unpatchable Bug

Dark Reading
CISA Is Shrinking: What Does It Mean for Cyber?

Dark Reading
Dire Wolf Ransomware Comes Out Snarling, Bites Technology, Manufacturing

Dark Reading
Hundreds of MCP Servers Expose AI Models to Abuse, RCE

Dark Reading
Generative AI Exacerbates Software Supply Chain Risks

Dark Reading
XOR Marks the Flaw in SAP GUI

Dark Reading
Africa Sees Surge in Cybercrime as Law Enforcement Struggles

Snyk
Understanding CRA Compliance: Overcoming Challenges with an Integrated Security Testing Approach

Bishop Fox Security
Sipping from the CVE Firehose: How We Prioritize Emerging Threats for Real-World Impact

Ars Technica Security
Ubuntu disables Intel GPU security mitigations, promises 20% performance boost

Palo Alto Networks
Chart Your SASE Transformation with Prisma SD-WAN

Almond Offensive Security Blog
Deleting a file in Wire doesn’t remove it from servers — and other findings

Microsoft Security
Microsoft Named a Leader in the 2025 IDC CNAPP MarketScape: Key Takeaways for Security Buyers

ReversingLabs
How to Speed Up TPRM Approvals with Spectra Assure